search menu icon-carat-right cmu-wordmark

CERT Coordination Center

CERT/CC Vulnerability Notes Database


Published Public Updated VU# CVSS Title
2019-08-13 2019-08-13 2019-08-20 VU#605641 0 HTTP/2 implementations do not robustly handle abnormal traffic and resource exhaustion
2019-08-14 2019-08-14 2019-08-19 VU#918987 7.8 Bluetooth BR/EDR supported devices are vulnerable to key negotiation attacks
2019-08-01 2019-07-18 2019-08-01 VU#489481 0 Cylance Antivirus Products Susceptible to Concatenation Bypass
2019-07-17 2019-07-16 2019-07-17 VU#790507 3.9 Oracle Solaris vulnerable to arbitrary code execution via /proc/self
2019-07-15 2019-07-15 2019-07-15 VU#129209 0 LLVMs Arm stack protection feature can be rendered ineffective
2018-05-08 2018-05-08 2019-07-11 VU#631579 5.3 Hardware debug exception documentation may result in unexpected behavior
2019-06-20 2019-06-17 2019-07-08 VU#905115 5.0 Multiple TCP Selective Acknowledgement (SACK) and Maximum Segment Size (MSS) networking vulnerabilities may cause denial-of-service conditions in Linux and FreeBSD kernels
2019-01-28 2019-01-21 2019-06-21 VU#465632 7.5 Microsoft Exchange server 2013 and newer are vulnerable to NTLM relay attacks
2019-06-04 2019-02-19 2019-06-19 VU#576688 4.2 Microsoft Windows RDP can bypass the Windows lock screen
2019-05-22 2019-05-21 2019-06-12 VU#119704 6.4 Microsoft Windows Task Scheduler SetJobFileSecurityByName privilege escalation vulnerability
2019-04-12 2019-04-10 2019-06-05 VU#871675 7.0 WPA3 design issues and implementation vulnerabilities in hostapd and wpa_supplicant
2019-06-01 2019-06-01 2019-06-03 VU#877837 5.5 Multiple vulnerabilities in Quest Kace System Management Appliance
2019-05-03 2019-05-03 2019-05-22 VU#169249 7.8 PrinterLogic Print Management Software fails to validate SSL certificates or the integrity of software updates.
2018-11-06 2018-11-05 2019-05-21 VU#395981 4.0 Self-encrypting hard drives do not adequately protect data
2019-05-14 2019-05-13 2019-05-16 VU#400865 6.8 Cisco Trust Anchor module (TAm) improperly checks code and Cisco IOS XE web UI does not sanitize user input

Sponsored by the Department of Homeland Security Office of Cybersecurity and Communications.